<?php
if ($ticket_parent!=1) {
	header('Location: class_manager.php');
	exit;
}

if ($_POST["add_module_form_submit"] && is_admin()){
	$short_name = mysql_real_escape_string(trim($_POST["add_module_form_short_name"]), $class_manager_db);
	$long_name = mysql_real_escape_string(trim($_POST["add_module_form_long_name"]), $class_manager_db);
	$description = mysql_real_escape_string(trim($_POST["add_module_form_description"]), $class_manager_db);

	if(strlen($short_name)<=0){
		e("Please include a 'Short Name'.");
	}
	if(strlen($long_name)<=0){
		e("Please include a 'Long Name'.");
	}
	if(strlen($description)<=0){
		e("Please include a description.");
	}
	
	$prerequisites = array();
	$options = array(
			'options' => array(
					'min_range' => 0,
			)
	);
	if(isset($_POST["add_module_form_nr_prereqs"]) && filter_var($_POST["add_module_form_nr_prereqs"], FILTER_VALIDATE_INT, $options) !== false){
		for($i=0;$i<$_POST["add_module_form_nr_prereqs"];$i++){
			if(isset($_POST["add_module_form_prerequisite_".$i]) && filter_var($_POST["add_module_form_prerequisite_".$i], FILTER_VALIDATE_INT, $options) !== false){
				$result = mysql_query("SELECT pkey FROM modules WHERE pkey='".$_POST["add_module_form_prerequisite_".$i]."'", $class_manager_db) or die(mysql_error($class_manager_db));
				if(mysql_num_rows($result)<=0){
					e("Prerequisite ".($i+1)." not a valid module.");
				}
				else if(in_array($_POST["add_module_form_prerequisite_".$i],$prerequisites)){
					e("You may not use duplicate prerequisites.");
				}
				else{
					$prerequisites[$i] = $_POST["add_module_form_prerequisite_".$i];
				}
			}
			else{
				e("Prerequisite ".($i+1)." has an invalid format.");
			}
		}
	}
	else{
		e("Invalid number of prerequisites.");
	}
	
	if(empty($errors)){
		mysql_query("LOCK TABLE modules WRITE, prerequisites WRITE", $class_manager_db) or die(mysql_error($class_manager_db));
		
		mysql_query("INSERT INTO modules (short_name,long_name,description) VALUES
				('$short_name', '$long_name', '$description')", $class_manager_db) or die(mysql_error($class_manager_db));
		$module_pkey=mysql_insert_id($class_manager_db);
		for($i=0; $i<$_POST["add_module_form_nr_prereqs"]; $i++){
			mysql_query("INSERT INTO prerequisites (module,prerequisite) VALUES ('$module_pkey','$prerequisites[$i]')", $class_manager_db) or die(mysql_error($class_manager_db));
		}
		
		mysql_query("UNLOCK TABLES", $class_manager_db) or die(mysql_error($class_manager_db));
		
		s("'".stripslashes($short_name)."' successfully added!");
		unset($_POST);
	}
}

if ($_POST["update_module_form_submit"] && is_admin()){
	$pkey = trim($_POST["update_module_form_pkey"]);
	$long_name = mysql_real_escape_string(trim($_POST["update_module_form_long_name"]), $class_manager_db);
	$description = mysql_real_escape_string(trim($_POST["update_module_form_description"]), $class_manager_db);
	
	if(filter_var($pkey, FILTER_VALIDATE_INT) === false){
		e("Critical Error: pkey has invalid format!");
	}

	if(strlen($long_name)<=0){
		e("Please include a 'Long Name' when updating.");
	}
	if(strlen($description)<=0){
		e("Please include a description when updating.");
	}
	
	$result = mysql_query("select short_name from modules WHERE pkey='$pkey'", $class_manager_db) or die(mysql_error($class_manager_db));
	if(!$result || mysql_num_rows($result) == 0){
		e("Critical Error: Invalid primary key on module update!");
	}
	else{
		$line = mysql_fetch_array($result, MYSQL_ASSOC);
	}
	
	if(empty($errors)){
		mysql_query("UPDATE modules SET long_name='$long_name', description='$description' WHERE pkey='$pkey'", $class_manager_db) or die(mysql_error($class_manager_db));
		s("'".stripslashes($line["short_name"])."' successfully updated!");
	}
}


if ($_POST["delete_prerequisite_form_submit"] && is_admin()){
	$options = array(
		'options' => array(
			'min_range' => 0
		)
	);
	if(!isset($_POST["delete_prerequisite_form_module"]) || filter_var($_POST["delete_prerequisite_form_module"], FILTER_VALIDATE_INT, $options) === false){
		e("Module pkey has invalid format on prerequisite delete.");
	}
	if(!isset($_POST["delete_prerequisite_form_prerequisite"]) || filter_var($_POST["delete_prerequisite_form_prerequisite"], FILTER_VALIDATE_INT, $options) === false){
		e("Prerequiste has invalid format on prerequisite delete.");
	}
	$result = mysql_query("SELECT * FROM prerequisites WHERE module='".$_POST["delete_prerequisite_form_module"]."' AND prerequisite='".$_POST["delete_prerequisite_form_prerequisite"]."'", $class_manager_db) or die(mysql_error($class_manager_db));
	if(mysql_num_rows($result)<=0){
		e("Prerequiste not found in database on prerequisite delete.");
	}
	if(empty($errors)){
		mysql_query("DELETE FROM prerequisites WHERE module='".$_POST["delete_prerequisite_form_module"]."' AND prerequisite='".$_POST["delete_prerequisite_form_prerequisite"]."'", $class_manager_db) or die(mysql_error($class_manager_db));
		s("Prerequisite successfully removed.");
	}
}


if ($_POST["add_prerequisite_form_submit"] && is_admin()){
	$options = array(
		'options' => array(
			'min_range' => 0
		)
	);
	if(!isset($_POST["add_prerequisite_form_module"]) || filter_var($_POST["add_prerequisite_form_module"], FILTER_VALIDATE_INT, $options) === false){
		e("Module pkey has invalid format on prerequisite add.");
	}
	if(!isset($_POST["add_prerequisite_form_prerequisite"]) || filter_var($_POST["add_prerequisite_form_prerequisite"], FILTER_VALIDATE_INT, $options) === false){
		e("Prerequiste has invalid format on prerequisite add.");
	}
	if($_POST["add_prerequisite_form_module"] == $_POST["add_prerequisite_form_prerequisite"]){
		e("A module may not have itself as a prerequisite.");
	}
	else{
		$result = mysql_query("SELECT pkey FROM modules WHERE pkey='".$_POST["add_prerequisite_form_module"]."' OR pkey='".$_POST["add_prerequisite_form_prerequisite"]."'", $class_manager_db) or die(mysql_error($class_manager_db));
		if(mysql_num_rows($result) != 2){
			e("Module or prerequisite not found in database.");
		}
		else{
			$result = mysql_query("SELECT * FROM prerequisites WHERE module='".$_POST["add_prerequisite_form_module"]."' AND prerequisite='".$_POST["add_prerequisite_form_prerequisite"]."'", $class_manager_db) or die(mysql_error($class_manager_db));
			if(mysql_num_rows($result) > 0){
				e("Cannot add the same prerequisiste twice.");
			}
		}
	}
	if(empty($errors)){
		mysql_query("INSERT INTO prerequisites (module,prerequisite) VALUES ('".$_POST["add_prerequisite_form_module"]."', '".$_POST["add_prerequisite_form_prerequisite"]."')", $class_manager_db) or die(mysql_error($class_manager_db));
		s("Prerequisite successfully added.");
	}
}

if ($_POST["add_class_form_submit"] && is_admin()){
	//check module input
	$module = trim($_POST["add_class_form_module"]);
	if(filter_var($module, FILTER_VALIDATE_INT) === false){
		e("Critical Error: module pkey has invalid format!");
	}
	else{
		$result = mysql_query("select short_name from modules WHERE pkey='$module'", $class_manager_db) or die(mysql_error($class_manager_db));
		if(!$result || mysql_num_rows($result) == 0){
			e("Critical Error: Invalid module pkey on class insert!");
		}
	}

	if(strlen(trim($_POST["add_class_form_reg_start_date"]))==0 && strlen(trim($_POST["add_class_form_reg_start_time"]))==0){
		$reg_start = NULL;
	}
	else if(strlen(trim($_POST["add_class_form_reg_start_date"]))==0 || strlen(trim($_POST["add_class_form_reg_start_time"]))==0){
		e("Registration start date/time invalid.");
	}
	else{
		list($reg_start_day,$reg_start_month,$reg_start_year) = explode(".",trim($_POST["add_class_form_reg_start_date"]));
		$reg_start_raw = $reg_start_year."-".$reg_start_month."-".$reg_start_day." ".trim($_POST["add_class_form_reg_start_time"])." UTC";
		if(($reg_start = strtotime($reg_start_raw)) == false){
			e("Registration start date/time invalid.");
		}
	}

	//check capacity input
	$capacity = trim($_POST["add_class_form_capacity"]);
	$capacity_options = array(
		'options' => array(
				'min_range' => 0
		)
	);
	if(strlen($capacity)==0){
		$capacity = NULL; 
	}
	else if(filter_var($capacity, FILTER_VALIDATE_INT, $capacity_options) === false){
		e("Invalid 'capacity' format.");
	}

	//check comments input
	$comments = mysql_real_escape_string(trim($_POST["add_class_form_comments"]), $class_manager_db);

	$fee = trim($_POST["add_class_form_fee"]);
	if(strlen($fee)==0){
		e("Please specify a fee.");
	}
	else if(filter_var($fee, FILTER_VALIDATE_FLOAT) === false || $fee<0 || strlen(substr(strrchr($fee, "."), 1))>2){
		e("Invalid 'fee' format.");
	}

	if(!isset($_POST["add_class_form_nr_dates"]) || $_POST["add_class_form_nr_dates"]<=0){
		e("Invalid number of sessions.");
	}

	$session_start_datetime = array();
	$session_duration = array();
	$session_comments = array();
	for ($i=0;$i<$_POST["add_class_form_nr_dates"];$i++){
		if(strlen(trim($_POST["add_class_form_start_date_".$i]))==0 || strlen(trim($_POST["add_class_form_start_time_".$i]))==0){
			e("Please specify a start date/time for session ".($i+1));
		}
		else{
			list($session_start_day,$session_start_month,$session_start_year) = explode(".",trim($_POST["add_class_form_start_date_".$i]));
			$session_start_datetime_raw = $session_start_year."-".$session_start_month."-".$session_start_day." ".trim($_POST["add_class_form_start_time_".$i])." UTC";
			if(($session_start_datetime[$i] = strtotime($session_start_datetime_raw)) == false){
				e("Invalid start date/time for session ".($i+1));
			}
		}
		
		$session_duration[$i] = trim($_POST["add_class_form_duration_".$i]);
		if(strlen($session_duration[$i])==0){
			e("Please specify a session duration for session ".($i+1));
		}
		else if(filter_var($session_duration[$i], FILTER_VALIDATE_FLOAT) === false || $session_duration[$i]<=0){
			e("Invalid session duration for session ".($i+1));
		}
		
		$session_comments[$i] = mysql_real_escape_string(trim($_POST["add_class_form_session_comments_".$i]), $class_manager_db);
	}
	
	if(empty($errors)){
		mysql_query("LOCK TABLE classes WRITE, sessions WRITE", $class_manager_db) or die(mysql_error($class_manager_db));
		
		mysql_query("INSERT INTO classes (module, comments, fee) 
				VALUES ('$module', '$comments', '$fee')", $class_manager_db) or die(mysql_error($class_manager_db));
		$class_pkey = mysql_insert_id($class_manager_db);
		if($reg_start != NULL){
			mysql_query("UPDATE classes SET reg_start=FROM_UNIXTIME('$reg_start') WHERE pkey=$class_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		}
		if($capacity != NULL){
			mysql_query("UPDATE classes SET capacity='$capacity' WHERE pkey=$class_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		}
		for ($i=0;$i<$_POST["add_class_form_nr_dates"];$i++){
			mysql_query("INSERT INTO sessions (class, start_datetime, duration, comments) 
					VALUES ('$class_pkey', FROM_UNIXTIME('$session_start_datetime[$i]'), '$session_duration[$i]', '$session_comments[$i]')", $class_manager_db) or die(mysql_error($class_manager_db));
		}
		
		mysql_query("UNLOCK TABLES", $class_manager_db) or die(mysql_error($class_manager_db));
		
		s("Class successfully added.");
		unset($_POST);
	}
}

if($_POST["edit_class_form_submit"] && is_admin()){
	//check cancelled input
	if($_POST["edit_class_form_cancelled"] == "1"){
		$cancelled = 1;
	}
	else{
		$cancelled = 0;
	}
	
	//check module input
	$module = trim($_POST["edit_class_form_module"]);
	if(filter_var($module, FILTER_VALIDATE_INT) === false){
		e("Critical Error: module pkey has invalid format!");
	}
	else{
		$result = mysql_query("select short_name from modules WHERE pkey='$module'", $class_manager_db) or die(mysql_error($class_manager_db));
		if(!$result || mysql_num_rows($result) == 0){
			e("Critical Error: Invalid module pkey on class insert!");
		}
	}

	//check reg start date
	if(strlen(trim($_POST["edit_class_form_reg_start_date"]))==0 && strlen(trim($_POST["edit_class_form_reg_start_time"]))==0){
		$reg_start = NULL;
	}
	else if(strlen(trim($_POST["edit_class_form_reg_start_date"]))==0 || strlen(trim($_POST["edit_class_form_reg_start_time"]))==0){
		e("Registration start date/time invalid.");
	}
	else{
		list($reg_start_day,$reg_start_month,$reg_start_year) = explode(".",trim($_POST["edit_class_form_reg_start_date"]));
		$reg_start_raw = $reg_start_year."-".$reg_start_month."-".$reg_start_day." ".trim($_POST["edit_class_form_reg_start_time"])." UTC";
		if(($reg_start = strtotime($reg_start_raw)) == false){
			e("Registration start date/time invalid.");
		}
	}

	//check capacity input
	$capacity = trim($_POST["edit_class_form_capacity"]);
	$capacity_options = array(
		'options' => array(
				'min_range' => 0
		)
	);
	if(strlen($capacity)==0){
		$capacity = NULL; 
	}
	else if(filter_var($capacity, FILTER_VALIDATE_INT, $capacity_options) === false){
		e("Invalid 'capacity' format.");
	}

	//check comments input
	$comments = mysql_real_escape_string(trim($_POST["edit_class_form_comments"]), $class_manager_db);

	//check fee input
	$fee = trim($_POST["edit_class_form_fee"]);
	if(strlen($fee)==0){
		e("Please specify a fee.");
	}
	else if(filter_var($fee, FILTER_VALIDATE_FLOAT) === false || $fee<0 || strlen(substr(strrchr($fee, "."), 1))>2){
		e("Invalid 'fee' format.");
	}
	
	//check pkey input
	$class_pkey = trim($_POST["edit_class_form_pkey"]);
	if(strlen($class_pkey)==0){
		e("Critical Error: No pkey specified for update!");
	}
	else if(filter_var($class_pkey, FILTER_VALIDATE_INT) === false || $class_pkey<0){
		e("Critical Error: pkey has invalid format!");
	}
	else{
		$result = mysql_query("SELECT pkey FROM `classes` WHERE pkey=$class_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		if(mysql_num_rows($result)<=0){
			e("Critical Error: Class pkey does not exist!");
		}
	}

	$session_start_datetime = array();
	$session_duration = array();
	$session_comments = array();
	$session_pkey = array();
	$i=0;
	while(isset($_POST["edit_class_session_form_start_date_".$i]) && isset($_POST["edit_class_session_form_start_time_".$i]) &&
	isset($_POST["edit_class_session_form_duration_".$i]) && isset($_POST["edit_class_session_form_comments_".$i])){
		//check session date/time input
		if(strlen(trim($_POST["edit_class_session_form_start_date_".$i]))==0 || strlen(trim($_POST["edit_class_session_form_start_time_".$i]))==0){
			e("Please specify a start date/time for session ".($i+1));
		}
		else{
			list($session_start_day,$session_start_month,$session_start_year) = explode(".",trim($_POST["edit_class_session_form_start_date_".$i]));
			$session_start_datetime_raw = $session_start_year."-".$session_start_month."-".$session_start_day." ".trim($_POST["edit_class_session_form_start_time_".$i])." UTC";
			if(($session_start_datetime[$i] = strtotime($session_start_datetime_raw)) == false){
				e("Invalid start date/time for session ".($i+1));
			}
		}
		
		//check duration input
		$session_duration[$i] = trim($_POST["edit_class_session_form_duration_".$i]);
		if(strlen($session_duration[$i])==0){
			e("Please specify a session duration for session ".($i+1));
		}
		else if(filter_var($session_duration[$i], FILTER_VALIDATE_FLOAT) === false || $session_duration[$i]<=0){
			e("Invalid session duration for session ".($i+1));
		}
		
		//check comments input
		$session_comments[$i] = mysql_real_escape_string(trim($_POST["edit_class_session_form_comments_".$i]), $class_manager_db);
		
		//check session pkey input
		$session_pkey[$i] = trim($_POST["edit_class_session_form_pkey_".$i]);
		if(strlen($session_pkey[$i])==0){
			e("Critical Error: No session pkey specified for update!");
		}
		else if(filter_var($session_pkey[$i], FILTER_VALIDATE_INT) === false || $session_pkey[$i]<0){
			e("Critical Error: session pkey has invalid format!");
		}
		else{
			$result = mysql_query("SELECT pkey FROM sessions WHERE pkey=$session_pkey[$i]", $class_manager_db) or die(mysql_error($class_manager_db));
			if(mysql_num_rows($result)<=0){
				e("Critical Error: Session pkey does not exist!");
			}
		}
		
		$i++;
	}
	$num_sessions=$i;
	
	if(empty($errors)){
		mysql_query("LOCK TABLE classes WRITE, sessions WRITE", $class_manager_db) or die(mysql_error($class_manager_db));
		
		mysql_query("UPDATE classes SET module='$module', comments='$comments', fee='$fee', cancelled='$cancelled' WHERE pkey=$class_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		if($reg_start != NULL){
			mysql_query("UPDATE classes SET reg_start=FROM_UNIXTIME('$reg_start') WHERE pkey=$class_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		}
		if($capacity != NULL){
			mysql_query("UPDATE classes SET capacity='$capacity' WHERE pkey=$class_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		}
		for ($i=0;$i<$num_sessions;$i++){
			mysql_query("UPDATE sessions SET class='$class_pkey', start_datetime=FROM_UNIXTIME('$session_start_datetime[$i]'), 
			duration='$session_duration[$i]', comments='$session_comments[$i]' WHERE pkey=$session_pkey[$i]", $class_manager_db) or die(mysql_error($class_manager_db));
		}
		
		mysql_query("UNLOCK TABLES", $class_manager_db) or die(mysql_error($class_manager_db));
		
		s("Class successfully updated.");
	}
	
}

if($_POST["delete_class_session_form_class_pkey"] && $_POST["delete_class_session_form_session_pkey"] && is_admin()){
	//check pkey input
	$class_pkey = trim($_POST["delete_class_session_form_class_pkey"]);
	if(strlen($class_pkey)==0){
		e("Critical Error: No class pkey specified for delete!");
	}
	else if(filter_var($class_pkey, FILTER_VALIDATE_INT) === false || $class_pkey<0){
		e("Critical Error: class pkey has invalid format for delete!");
	}
	else{
		$result = mysql_query("SELECT pkey FROM `classes` WHERE pkey=$class_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		if(mysql_num_rows($result)<=0){
			e("Critical Error: Class pkey does not exist for delete!");
		}
	}

	//check session pkey input
	$session_pkey = trim($_POST["delete_class_session_form_session_pkey"]);
	if(strlen($session_pkey[$i])==0){
		e("Critical Error: No session pkey specified for delete!");
	}
	else if(filter_var($session_pkey, FILTER_VALIDATE_INT) === false || $session_pkey<0){
		e("Critical Error: session pkey has invalid format for delete!");
	}
	else{
		$result = mysql_query("SELECT pkey FROM sessions WHERE pkey=$session_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		if(mysql_num_rows($result)<=0){
			e("Critical Error: Session pkey does not exist for delete!");
		}
		$result = mysql_query("SELECT pkey FROM sessions WHERE pkey=$session_pkey AND class=$class_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		if(mysql_num_rows($result)<=0){
			e("Critical Error: Session/Class mismatch for delete!");
		}
		$result = mysql_query("SELECT pkey FROM sessions WHERE class=$class_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		if(mysql_num_rows($result)<=1){
			e("You must have atleast one session per class.");
		}
	}
	
	if(empty($errors)){
		mysql_query("DELETE FROM sessions WHERE pkey=$session_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		
		s("Session successfully deleted.");
	}
}


if($_POST["add_class_session_form_submit"] && is_admin()){
	//check session date/time input
	if(strlen(trim($_POST["add_class_session_form_start_date"]))==0 || strlen(trim($_POST["add_class_session_form_start_time"]))==0){
		e("Please specify a start date/time for session add");
	}
	else{
		list($session_start_day,$session_start_month,$session_start_year) = explode(".",trim($_POST["add_class_session_form_start_date"]));
		$session_start_datetime_raw = $session_start_year."-".$session_start_month."-".$session_start_day." ".trim($_POST["add_class_session_form_start_time"])." UTC";
		if(($session_start_datetime = strtotime($session_start_datetime_raw)) == false){
			e("Invalid start date/time for session add");
		}
	}
	
	//check duration input
	$session_duration = trim($_POST["add_class_session_form_duration"]);
	if(strlen($session_duration)==0){
		e("Please specify a session duration for session add");
	}
	else if(filter_var($session_duration, FILTER_VALIDATE_FLOAT) === false || $session_duration<=0){
		e("Invalid session duration for session add");
	}
	
	//check comments input
	$session_comments = mysql_real_escape_string(trim($_POST["add_class_session_form_comments"]), $class_manager_db);
	
	//check session pkey input
	$class_pkey = trim($_POST["add_class_session_form_class_pkey"]);
	if(strlen($class_pkey)==0){
		e("Critical Error: No class pkey specified for session add!");
	}
	else if(filter_var($class_pkey, FILTER_VALIDATE_INT) === false || $class_pkey<0){
		e("Critical Error: class pkey has invalid format for session add!");
	}
	else{
		$result = mysql_query("SELECT pkey FROM classes WHERE pkey=$class_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		if(mysql_num_rows($result)<=0){
			e("Critical Error: Class pkey does not exist for session add!");
		}
	}
	
	if(empty($errors)){

		mysql_query("INSERT INTO sessions (class, start_datetime, duration, comments)
				VALUES ('$class_pkey', FROM_UNIXTIME('$session_start_datetime'), '$session_duration', '$session_comments')", $class_manager_db) or die(mysql_error($class_manager_db));
	
		s("Class session successfully added.");
	}
}

if($_POST["status_change_form_participant_pkey"] && $_POST["status_change_form_status"] && is_admin()){
	//check pkey input
	$participant_pkey = trim($_POST["status_change_form_participant_pkey"]);
	if(strlen($participant_pkey)==0){
		e("Critical Error: No participant pkey specified for status update!");
	}
	else if(filter_var($participant_pkey, FILTER_VALIDATE_INT) === false || $participant_pkey<0){
		e("Critical Error: Participant pkey has invalid format for status update!");
	}
	else{
		$result = mysql_query("SELECT pkey FROM `participants` WHERE pkey=$participant_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		if(mysql_num_rows($result)<=0){
			e("Critical Error: Participant pkey does not exist for status update!");
		}
	}
	
	//check status
	$form_status = trim($_POST["status_change_form_status"]);
	if($form_status != "registered" && $form_status != "wait_list" && $form_status != "withdrawn" && $form_status != "kicked"){
		e("Critical Error: Invalid status for status update!");
	}
	
	if(empty($errors)){
		mysql_query("update participants set status='$form_status' where pkey='$participant_pkey'", $class_manager_db) or die(mysql_error($class_manager_db));
	
		s("Status successfully updated.");
	}
}

if($_POST["adjust_payment_form_submit"] && is_admin()){
	//validate input
	$participant_pkey = trim($_POST["adjust_payment_form_participant_pkey"]);
	if(strlen($participant_pkey)==0){
		e("Critical Error: No participant pkey specified for payment update!");
	}
	else if(filter_var($participant_pkey, FILTER_VALIDATE_INT) === false || $participant_pkey<0){
		e("Critical Error: Participant pkey has invalid format for payment update!");
	}
	else{
		$result = mysql_query("SELECT payment_code FROM `participants` WHERE pkey=$participant_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		if(mysql_num_rows($result)<=0){
			e("Critical Error: Participant pkey does not exist for payment update!");
		}
		else{
			$line=mysql_fetch_array($result, MYSQL_ASSOC);
			$payment_code=$line["payment_code"];
			if($payment_code===NULL){
				e("Critical Error: Participant has no payment code!");
			}
		}
	}

	$amount=trim($_POST["adjust_payment_form_amount"]);
	if(strlen($amount)==0){
		e("You must include an amount when updating payment information.");
	}
	else if(filter_var($amount, FILTER_VALIDATE_INT) === false){
		e("Amount has invalid format.");
	}
	
	$comments = mysql_real_escape_string(trim($_POST["adjust_payment_form_comments"]), $class_manager_db);
	
	//add to transactions table
	if(empty($errors)){
		mysql_query("INSERT INTO transactions (payment_code, forum_member_id, amount, comments)
				VALUES ('$payment_code', '".$_SESSION["user"]["member_id"]."', '$amount', '$comments')", $class_manager_db) or die(mysql_error($class_manager_db));
	
		s("Payment information successfully updated.");
	}
}


if($_POST["match_capacity_form_submit"] && is_admin()){
	$class_pkey = trim($_POST["match_capacity_form_class_pkey"]);
	if(strlen($class_pkey)==0){
		e("Critical Error: No class pkey specified for capacity match!");
	}
	else if(filter_var($class_pkey, FILTER_VALIDATE_INT) === false || $class_pkey<0){
		e("Critical Error: Class pkey has invalid format for capacity match!");
	}
	else{
		$result = mysql_query("SELECT capacity FROM `classes` WHERE pkey=$class_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
		if(mysql_num_rows($result)<=0){
			e("Critical Error: Class pkey does not exist for capacity match!");
		}
		else{
			$line=mysql_fetch_array($result, MYSQL_ASSOC);
			$class_capacity=$line["capacity"];
			if($class_capacity===NULL){
				w("This class has unlimited capactiy.");
			}
		}
	}
	
	if(empty($errors) && empty($warnings)){
		mysql_query("LOCK TABLE participants WRITE", $class_manager_db) or die(mysql_error($class_manager_db));
		$result = mysql_query("SELECT COUNT(pkey) as num_registered FROM participants WHERE status='registered' AND alumnus='0' AND class='$class_pkey'", $class_manager_db) or die(mysql_error($class_manager_db));
		$line=mysql_fetch_array($result,MYSQL_ASSOC);
		$num_to_admit = $class_capacity - $line["num_registered"];
		if($num_to_admit > 0){
			$result = mysql_query("SELECT pkey FROM participants WHERE status='wait_list' AND class=$class_pkey ORDER BY timestamp ASC", $class_manager_db) or die(mysql_error($class_manager_db));
			while(($line=mysql_fetch_array($result,MYSQL_ASSOC)) && $num_to_admit>0){
				mysql_query("UPDATE participants SET status='registered' WHERE pkey='".$line["pkey"]."'", $class_manager_db) or die(mysql_error($class_manager_db));
				$num_to_admit--;
			}
		}
		else if ($num_to_admit < 0){
			$result = mysql_query("SELECT pkey FROM participants WHERE status='registered' AND alumnus='0' AND class=$class_pkey ORDER BY timestamp DESC", $class_manager_db) or die(mysql_error($class_manager_db));
			while(($line=mysql_fetch_array($result,MYSQL_ASSOC)) && $num_to_admit<0){
				mysql_query("UPDATE participants SET status='wait_list' WHERE pkey='".$line["pkey"]."'", $class_manager_db) or die(mysql_error($class_manager_db));
				$num_to_admit++;
			}
		}
		mysql_query("UNLOCK TABLES", $class_manager_db) or die(mysql_error($class_manager_db));
	}
}

if($_POST["class_list_form_submit"] && is_admin()){
	if(isset($_POST["class_list_form_completed"])){
		$graduates=$_POST["class_list_form_completed"];
	}
	else{
		$graduates=array();
	}
	if(isset($_POST["class_list_form_all"])){
		$full_list=$_POST["class_list_form_all"];
	}
	else{
		$full_list=array();
	}
	
	foreach ($graduates as $participant_pkey){
		$participant_pkey = trim($participant_pkey);
		if(strlen($participant_pkey)==0){
			e("Critical Error: No participant pkey specified for a graduate!");
		}
		else if(filter_var($participant_pkey, FILTER_VALIDATE_INT) === false || $participant_pkey<0){
			e("Critical Error: Participant pkey has invalid format for a graduate!");
		}
		else{
			$result = mysql_query("SELECT forum_member_id, character_name, class FROM `participants` WHERE pkey=$participant_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
			if(mysql_num_rows($result)<=0){
				e("Critical Error: Participant pkey does not exist for a graduate!");
			}
			else{
				$line=mysql_fetch_array($result, MYSQL_ASSOC);
				$forum_member_id=$line["forum_member_id"];
				$character_name=$line["character_name"];
				$class=$line["class"];
				$result = mysql_query("SELECT * from `completed` WHERE name='$character_name' and class='$class'", $class_manager_db) or die(mysql_error($class_manager_db));
				if(mysql_num_rows($result)>0){
					continue;
				}
			}
		}
		
		if(empty($errors)){
			mysql_query("INSERT INTO completed (forum_member_id, name, class)
					VALUES ('$forum_member_id', '$character_name', '$class')", $class_manager_db) or die(mysql_error($class_manager_db));
		}
	}
	
	foreach (array_diff($full_list,$graduates) as $participant_pkey){
		$participant_pkey = trim($participant_pkey);
		if(strlen($participant_pkey)==0){
			e("Critical Error: No participant pkey specified for ungraduating!");
		}
		else if(filter_var($participant_pkey, FILTER_VALIDATE_INT) === false || $participant_pkey<0){
			e("Critical Error: Participant pkey has invalid format for ungraduating!");
		}
		else{
			$result = mysql_query("SELECT forum_member_id, character_name, class FROM `participants` WHERE pkey=$participant_pkey", $class_manager_db) or die(mysql_error($class_manager_db));
			if(mysql_num_rows($result)<=0){
				e("Critical Error: Participant pkey does not exist for ungraduating!");
			}
			else{
				$line=mysql_fetch_array($result, MYSQL_ASSOC);
				$character_name=$line["character_name"];
				$class=$line["class"];
				$result = mysql_query("SELECT * from `completed` WHERE name='$character_name' and class='$class'", $class_manager_db) or die(mysql_error($class_manager_db));
				if(mysql_num_rows($result)>0){
					mysql_query("delete from completed where name='$character_name' and class='$class'", $class_manager_db) or die(mysql_error($class_manager_db));
				}
			}
		}
	}
}

?>
